.terraform.lock.hcl 完全に理解した / How to update .terraform.lock.hcl efficiently

.terraform.lock.hcl
׬શʹཧղͨ͠
Terraform meetup ONLINE #2021.02
2021/02/10
@minamijoyo

View Slide

ࣗݾ঺հ
• Masayuki Morita
• Twitter/GitHub/Qiita: @minamijoyo
• SRE at CrowdWorks Inc.
• Contributor of hashicorp/terraform, hcl, etc…
• Author of: tfschema, tfupdate, tfmigrate, hcledit

View Slide

.terraform.lock.hclͱ͸

View Slide

• Terraform v0.14͔Βಋೖ͞ΕͨґଘϩοΫϑΝΠϧ
• Terraform v0.14Ͱ͸ϓϩόΠμͷΈ؅ཧ(ϞδϡʔϧະରԠ)
• terraform init͢ΔͱࣗಈͰੜ੒͞ΕΔ (ߋ৽͸-upgrade)
• GitͳͲͷόʔδϣϯ؅ཧπʔϧʹίϛοτΛެࣜʹਪ঑
• .gitignoreˍຖճterraform init -upgrade͢Ε͹v0.13Ҏલͱ΄΅ಉ༷
ͷڍಈ
.terraform.lock.hclͱ͸
※஫: ຊࢿྉ࡞੒࣌ͷTerraform͸v0.14.5Ͱ͢

View Slide

# This file is maintained automatically by "terraform init".
# Manual edits may be lost in future updates.
provider "registry.terraform.io/hashicorp/aws" {
version = "3.26.0"
constraints = "~> 3.0"
hashes = [
"h1:b1qNzEzDHZpnHSOW4fRo1PFC0U2Ft25PKKs9NSDGe3U=",
"zh:26043eed36d070ca032cf04bc980c654a25821a8abc0c85e1e570e3935bbfcbb",
"zh:2fe68f3f78d23830a04d7fac3eda550eef1f627dfc130486f70a65dc5c254300",
"zh:3d66484c608c64678e639db25d63872783ce60363a1246e30317f21c9c23b84b",
"zh:46ffd755cfd4cf94fe66342797b5afdcef010a24e126c67fee141b357d393535",
"zh:5e96f24357e945c9067cf5e032ad1d003609629c956c2f9f642fefe714e74587",
"zh:60c27aca36bb63bf3e865c2193be80ca83b376581d00f9c220af4b013e163c4d",
"zh:896f0f22d19d41e71b22f9240b261714c3915b165ddefeb771e7734d69dc47ea",
"zh:90de9966cb2fd3e2f326df291595e55d2dd2d90e7d6dd085c2c8691dce82bdb4",
"zh:ad05a91a88ceb1d6de5a568f7cc0b0e5bc0a79f3da70bc28c1e7f3750e362d58",
"zh:e8c63f59c6465329e1f3357498face3dd7ef10a033df3c366a33aa9e94b46c01",
]
}
੍໿৚݅ͱબ୒͞Εͨόʔδϣϯ
ϓϩόΠμͷϋογϡ஋
ϓϩόΠμ໊

View Slide

͋ʔɺ͸͍͸͍ɻ
Α͋͘ΔґଘϥΠϒϥϦͷ
ϩοΫϑΝΠϧͶɻ

View Slide

.terraform.lock.hcl
׬શʹཧղͨ͠

View Slide

ͰɺऴΘΕ͹Α͔͕ͬͨɺ
ͦΜͳʹ୯७Ͱ͸ͳ͔ͬͨ

View Slide

• TF_PLUGIN_CACHEͰϓϩόΠμΛΩϟογϡ͢Δͱ৑௕ͳμ΢ϯϩʔυճආ
Ͱ͖Δ
• Ωϟογϡͷ༗ແͰੜ੒͞ΕΔϩοΫϑΝΠϧͷத਎͕ҟͳΔ
ϩοΫϑΝΠϧ͕Ωϟογϡঢ়ଶʹґଘ͢Δ໰୊
$ mkdir -p /tmp/plugin-cache
$ TF_PLUGIN_CACHE_DIR=/tmp/plugin-cache terraform init
$ rm -rf .terraform && rm .terraform.lock.hcl
$ TF_PLUGIN_CACHE_DIR=/tmp/plugin-cache terraform init
$ # This file is maintained automatically by "terraform init".
version = "3.26.0"
hashes = [
]
}
ϋογϡ͕ߦ͔͠ه࿥͞Εͳ͍
Ωϟογϡ͋ΓͰੜ੒͞ΕͨϩοΫ

View Slide

version = "3.26.0"
hashes = [
]
} ͦ΋ͦ΋Iͱ͔[Iͱ͔Կʁʁʁ
Ωϟογϡͳ͠ͷ৔߹

View Slide

.terraform.lock.hcl
φχϞϫΧϥφΠ

View Slide

• https://www.terraform.io/docs/language/dependency-lock.html
• zh: zip hash (legacy)
• ϓϩόΠμͷ഑෍෺ͷzipύοέʔδͷϋογϡ஋
• Terraform Registry͔Βμ΢ϯϩʔυͨ͠৔߹ʹ෇༩͞ΕΔ
• ͢΂ͯͷϓϥοτϑΥʔϜ෼Λه࿥
• h1: hash scheme 1
• ϓϩόΠμͷ഑෍෺ͷίϯςϯπͷϋογϡ஋
• ϛϥʔ΍ΩϟογϡͰ΋࢖͑Δ
• σϑΥϧτͰ͸࣮ߦ͢ΔϓϥοτϑΥʔϜ෼͚ͩه࿥
ݱঢ়zhͱh1ͷ2छྨͷϋογϡํ͕ࣜ͋Δ

View Slide

version = "3.26.0"
hashes = [
]
}
NBD04 EBSXJO@BNE

͢΂ͯͷϓϥοτϑΥʔϜͱ͸ʁʁʁ

View Slide

$ curl -s https://registry.terraform.io/v1/providers/hashicorp/aws/3.26.0/download/darwin/amd64 | jq .
{
"protocols": [
"5.0"
],
"os": "darwin",
"arch": "amd64",
"filename": "terraform-provider-aws_3.26.0_darwin_amd64.zip",
"download_url": "https://releases.hashicorp.com/terraform-provider-aws/3.26.0/terraform-provider-
aws_3.26.0_darwin_amd64.zip",
"shasums_url": "https://releases.hashicorp.com/terraform-provider-aws/3.26.0/terraform-provider-aws_3.26.0_SHA256SUMS",
"shasums_signature_url": "https://releases.hashicorp.com/terraform-provider-aws/3.26.0/terraform-provider-
aws_3.26.0_SHA256SUMS.sig",
"shasum": "90de9966cb2fd3e2f326df291595e55d2dd2d90e7d6dd085c2c8691dce82bdb4",
"signing_keys": {
$ TF_LOG=TRACE terraform init
(snip.)
2021/02/03 23:32:13 [DEBUG] GET https://registry.terraform.io/v1/providers/hashicorp/aws/versions
2021/02/03 23:32:13 [TRACE] HTTP client GET request to https://registry.terraform.io/v1/providers/hashicorp/aws/versions
2021/02/03 23:32:13 [DEBUG] GET https://registry.terraform.io/v1/providers/hashicorp/aws/3.26.0/download/darwin/amd64
2021/02/03 23:32:13 [TRACE] HTTP client GET request to https://registry.terraform.io/v1/providers/hashicorp/aws/3.26.0/
download/darwin/amd64
2021/02/03 23:32:14 [DEBUG] GET https://releases.hashicorp.com/terraform-provider-aws/3.26.0/terraform-provider-
aws_3.26.0_SHA256SUMS
2021/02/03 23:32:14 [TRACE] HTTP client GET request to https://releases.hashicorp.com/terraform-provider-aws/3.26.0/
terraform-provider-aws_3.26.0_SHA256SUMS
2021/02/03 23:32:14 [DEBUG] GET https://releases.hashicorp.com/terraform-provider-aws/3.26.0/terraform-provider-
aws_3.26.0_SHA256SUMS.sig
2021/02/03 23:32:14 [TRACE] HTTP client GET request to https://releases.hashicorp.com/terraform-provider-aws/3.26.0/
terraform-provider-aws_3.26.0_SHA256SUMS.sig
(snip.)
σόοάϩάΛग़ྗ
͜͜ʹνΣοΫαϜ͕͋Γͦ͏
5FSSBGPSN3FHJTUSZͱ௨৴ͯ͠Δ

View Slide

$ curl -s https://releases.hashicorp.com/terraform-provider-aws/3.26.0/terraform-provider-aws_3.26.0_SHA256SUMS | sort
26043eed36d070ca032cf04bc980c654a25821a8abc0c85e1e570e3935bbfcbb terraform-provider-aws_3.26.0_linux_amd64.zip
2fe68f3f78d23830a04d7fac3eda550eef1f627dfc130486f70a65dc5c254300 terraform-provider-aws_3.26.0_windows_386.zip
3d66484c608c64678e639db25d63872783ce60363a1246e30317f21c9c23b84b terraform-provider-aws_3.26.0_freebsd_arm.zip
46ffd755cfd4cf94fe66342797b5afdcef010a24e126c67fee141b357d393535 terraform-provider-aws_3.26.0_linux_386.zip
5e96f24357e945c9067cf5e032ad1d003609629c956c2f9f642fefe714e74587 terraform-provider-aws_3.26.0_freebsd_amd64.zip
60c27aca36bb63bf3e865c2193be80ca83b376581d00f9c220af4b013e163c4d terraform-provider-aws_3.26.0_linux_arm64.zip
896f0f22d19d41e71b22f9240b261714c3915b165ddefeb771e7734d69dc47ea terraform-provider-aws_3.26.0_freebsd_386.zip
90de9966cb2fd3e2f326df291595e55d2dd2d90e7d6dd085c2c8691dce82bdb4 terraform-provider-aws_3.26.0_darwin_amd64.zip
ad05a91a88ceb1d6de5a568f7cc0b0e5bc0a79f3da70bc28c1e7f3750e362d58 terraform-provider-aws_3.26.0_linux_arm.zip
e8c63f59c6465329e1f3357498face3dd7ef10a033df3c366a33aa9e94b46c01 terraform-provider-aws_3.26.0_windows_amd64.zip
TPSU͢Δͱ
hashes = [
]
׬શʹҰக

View Slide

.terraform.lock.hcl
׬શʹཧղͨ͠

View Slide

͋Εɺ͏ͪͷCI͸
Docker(Linux)ͳΜ͚ͩͲʁ
h1͸macOS༻Ͱ͍͍ͷʁ

View Slide

ͳΔ΄Ͳʙɺ
͍͍࣭໰Ͱ͢Ͷɻ

View Slide

$ # This file is maintained automatically by "terraform init".
version = "3.26.0"
hashes = [
]
} [I͕ͳ͍৔߹
NBD04 EBSXJO@BNE

$ docker run -it --rm -v $(pwd):/work hashicorp/terraform:0.14.5 -chdir=/work init
Initializing the backend...
Initializing provider plugins...
- Reusing previous version of hashicorp/aws from the dependency lock file
- Installing hashicorp/aws v3.26.0...
Error: Failed to install provider
Error while installing hashicorp/aws v3.26.0: the current package for
registry.terraform.io/hashicorp/aws 3.26.0 doesn't match any of the checksums
previously recorded in the dependency lock file
νΣοΫαϜΤϥʔ
%PDLFS -JOVY
Ͱ࣮ߦͯ͠ΈΔ

View Slide

ͦΕ͸ͦ͏ɻ
ͩͬͯνΣοΫαϜͬͯ
վ͟Μݕ஌ͳΜ͔ͩΒ
ͦ͏͍͏΋Μɻ

View Slide

version = "3.26.0"
hashes = [
]
}
I͸NBD04 EBSXJO@BNE

[I͕͋Δ

View Slide

$ git diff
diff --git a/.terraform.lock.hcl b/.terraform.lock.hcl
index 9591972..a0f76ee 100644
--- a/.terraform.lock.hcl
+++ b/.terraform.lock.hcl
@@ -5,6 +5,7 @@ provider "registry.terraform.io/hashicorp/aws" {
version = "3.26.0"
hashes = [
+ "h1:0i78FItlPeiomd+4ThZrtm56P5K33k7/6dnEe4ZePI0=",
“zh:2fe68f3f78d23830a04d7fac3eda550eef1f627dfc130486f70a65dc5c254300",
(snip.)
$ docker run -it --rm -v $(pwd):/work hashicorp/terraform:0.14.5 -chdir=/work init
%PDLFS -JOVY
Ͱ࣮ߦͯ͠ΈΔ
ͳΜ͔૿͑ͯΔʂʂ

View Slide

উखʹ૿͑ͯ΂ΜΓʙ
ʢͳΘ͚ͳ͍ʣ
CIͰgit diffग़Δͷ΍ͩʔɻ

View Slide

.terraform.lock.hcl
φχϞϫΧϥφΠ

View Slide

ͦΜͳ͜ͱ΋͋Ζ͏͔ͱ
terraform providers lock

View Slide

• ͋Β͔͡ΊඞཁͳϓϥοτϑΥʔϜ໊Λࢦఆͯ͠ϩοΫϑΝΠϧΛੜ੒͢Δ
• https://www.terraform.io/docs/cli/commands/providers/lock.html
terraform providers lock
$ terraform providers lock -platform=linux_amd64 -platform=darwin_amd64
hashes = [
"h1:0i78FItlPeiomd+4ThZrtm56P5K33k7/6dnEe4ZePI0=",
]
NBD04 EBSXJO@BNE

-JOVY MJOVY@BNE

View Slide

.terraform.lock.hcl
׬શʹཧղͨ͠

View Slide

͋ΕɺΩϟογϡ͕ޮ͍͍ͯ
ͳ͍Α͏ͳʁʁʁ

View Slide

• terraform providers lockίϚϯυ͸σϑΥϧτͰ͸Registryͱ
௨৴͢ΔͷͰɺΩϟογϡΛແࢹ͢ΔʢόάͰ͸ͳ͘࢓༷ʣ
• ϩοΫ͸rootϞδϡʔϧ (=σΟϨΫτϦ) ͝ͱʹ؅ཧ͢Δ
• h1Λܭࢉ͢ΔͨΊϓϩόΠμͷμ΢ϯϩʔυ͕ඞཁ
• σΟϨΫτϦ͍ͬͺ͍͋ΔͱɺຖճσΟϨΫτϦ਺෼͚ͩॏ
ෳμ΢ϯϩʔυ͢Δͷແବ͗͢Ͷʁʁʁ
• ϦϙδτϦϧʔτͰϩοΫϑΝΠϧੜ੒ͯ͠ɺ֤σΟϨΫτϦ
ʹίϐʔͱ͍͏Ҋ΋ͳ͘͸ͳ͍͕ɺϩοΫϑΝΠϧ͕কདྷϞ
δϡʔϧ΋αϙʔτ͢Δͱഁ୼ͦ͠͏
TF_PLUGIN_CACHEޮ͔ͳ͍໰୊

View Slide

.terraform.lock.hcl
φχϞϫΧϥφΠ

View Slide

ͦΜͳ͋ͳͨʹ
terraform providers mirror

View Slide

• ϩʔΧϧϑΝΠϧγεςϜϛϥʔΛ࡞੒͠ɺϛϥʔ͔ΒϩοΫϑΝΠϧ΋࡞ΕΔ
• https://www.terraform.io/docs/cli/commands/providers/mirror.html
terraform providers mirror
$ FS_MIRROR=“/tmp/terraform.d/plugins"
$ terraform providers mirror -platform=linux_amd64 -platform=darwin_amd64 "${FS_MIRROR}"
$ terraform providers lock -fs-mirror="${FS_MIRROR}" -platform=linux_amd64 -platform=darwin_amd64
version = "3.26.0"
hashes = [
]
}
3FHJTUSZͱ௨৴͠ͳ͍৔߹
I͔͠ه࿥͞Εͳ͍
ϛϥʔΛࢦఆ

View Slide

·͊ඞཁͳh1Λੜ੒Ͱ͖Ε͹
zh͍Βͳ͘Ͷʁ

View Slide

#!/bin/bash
set -eo pipefail
export TF_PLUGIN_CACHE_DIR="/tmp/terraform.d/plugin-cache"
mkdir -p "${TF_PLUGIN_CACHE_DIR}"
FS_MIRROR="/tmp/terraform.d/plugins"
terraform providers mirror -platform=linux_amd64 -platform=darwin_amd64 "${FS_MIRROR}"
ALL_DIRS=$(find . -type f -name '*.tf' | xargs -I {} dirname {} | sort | uniq | grep -v 'modules/')
for dir in ${ALL_DIRS}
do
pushd "$dir"
rm -f .terraform.lock.hcl
terraform providers lock -fs-mirror="${FS_MIRROR}" -platform=linux_amd64 -platform=darwin_amd64
popd
done
΅͘ͷ͔Μ͕͍͖͑ͨ͞ΐ͏ͷ.sh
• ϦϙδτϦϧʔτͰඞཁͳϓϩόΠμΛྻڍͨ͠ .tfΛ͋Β͔͡Ί഑ஔ
• ϦϙδτϦϧʔτͰϩʔΧϧϛϥʔΛ࡞੒͠ɺαϒσΟϨΫτϦͰϩοΫϑΝΠϧΛੜ੒

View Slide

$ terraform providers lock
Error: Module not installed
on main.tf line 1:
1: module "foo" {
This module is not yet installed. Run "terraform init" to install all modules
required by this configuration.
Ϟδϡʔϧࢀর͕͋Δͱ
ΤϥʔʹͳΔ
Ϟδϡʔϧࢀর͕͋ΔͱΤϥʔʹͳΔ໰୊
• Ϟδϡʔϧ͔Βؒ઀తʹϓϩόΠμͷґଘ͕૿͑Δ͜ͱ͸͋Γ͏Δ
• providers lockίϚϯυ͸ґଘ͢Δ͢΂ͯͷϞδϡʔϧΛಡΈࠐΉඞཁ͕͋Δ

View Slide

#!/bin/bash
set -eo pipefail
export TF_PLUGIN_CACHE_DIR="/tmp/terraform.d/plugin-cache"
mkdir -p "${TF_PLUGIN_CACHE_DIR}"
FS_MIRROR="/tmp/terraform.d/plugins"
terraform providers mirror -platform=linux_amd64 -platform=darwin_amd64 "${FS_MIRROR}"
ALL_DIRS=$(find . -type f -name '*.tf' | xargs -I {} dirname {} | sort | uniq | grep -v 'modules/')
for dir in ${ALL_DIRS}
do
pushd “$dir"
terraform init -input=false -no-color -backend=false -plugin-dir=“${FS_MIRROR}"
terraform providers lock -fs-mirror="${FS_MIRROR}" -platform=linux_amd64 -platform=darwin_amd64
rm -rf .terraform
popd
done
QSPWJEFSTMPDLલʹ
JOJUͰϞδϡʔϧΛऔಘ
΅͘ͷ͔Μ͕͍͖͑ͨ͞ΐ͏ͷ.sh

View Slide

.terraform.lock.hcl
׬શʹཧղͨ͠

View Slide

͋Εɺ
·ͨͳΜ͔gitࠩ෼͕ग़ͨ

View Slide

$ terraform init
$ git diff
diff --git a/.terraform.lock.hcl b/.terraform.lock.hcl
index 88ac68e..a0f76ee 100644
--- a/.terraform.lock.hcl
+++ b/.terraform.lock.hcl
@@ -7,5 +7,15 @@ provider "registry.terraform.io/hashicorp/aws" {
hashes = [
+ "zh:26043eed36d070ca032cf04bc980c654a25821a8abc0c85e1e570e3935bbfcbb",
+ "zh:2fe68f3f78d23830a04d7fac3eda550eef1f627dfc130486f70a65dc5c254300",
+ "zh:3d66484c608c64678e639db25d63872783ce60363a1246e30317f21c9c23b84b",
+ "zh:46ffd755cfd4cf94fe66342797b5afdcef010a24e126c67fee141b357d393535",
+ "zh:5e96f24357e945c9067cf5e032ad1d003609629c956c2f9f642fefe714e74587",
+ "zh:60c27aca36bb63bf3e865c2193be80ca83b376581d00f9c220af4b013e163c4d",
+ "zh:896f0f22d19d41e71b22f9240b261714c3915b165ddefeb771e7734d69dc47ea",
+ "zh:90de9966cb2fd3e2f326df291595e55d2dd2d90e7d6dd085c2c8691dce82bdb4",
+ "zh:ad05a91a88ceb1d6de5a568f7cc0b0e5bc0a79f3da70bc28c1e7f3750e362d58",
+ "zh:e8c63f59c6465329e1f3357498face3dd7ef10a033df3c366a33aa9e94b46c01",
]
} [I͕௥ه͞ΕΔ
ϩʔΧϧʹΩϟογϡ͕ͳ͍৔߹
Ωϟογϡ͕ͳ͍ͱzh௥ه͞ΕͪΌ͏໰୊

View Slide

WindowsͰ΋࢖͏͔΋ͩ͠ɺ
zh௥ه͓͍ͯͨ͠Α
ʢ༨ܭͳ͓ੈ࿩ʣ

View Slide

.terraform.lock.hcl
φχϞϫΧϥφΠ

View Slide

ͦ΋ͦ΋
Terraform Registry͕௚઀
zhͱh1྆ํฦͯ͘͠ΕΕ͹
શ෦ղܾͰ͸ʁʁʁ

View Slide

https://github.com/hashicorp/terraform/issues/27264

View Slide

https://github.com/hashicorp/terraform/issues/27264
UFSSBGPSNMPDLIDMνϣοτσΩϧ
5FSSBGPSNίΞνʔϜͷ
BQQBSFOUMZNBSUࢯʹΑΔղઆ

View Slide

ͳΜͰ͜ΜͳΊΜͲ͍͘͜͞
ͱʹͳ͍ͬͯΔͷ͔ʁ
ͬ͘͟Γཁ໿ˍิ଍͢Δͱ

View Slide

• Terraform v0.12·Ͱ͸ϓϩόΠμ͸ releases.hashicorp.com ͔Β഑
෍͍ͯͨ͠
• ͦ΋ͦ΋ releases.hashicorp.com ͸Terraformઐ༻Ͱ͸ͳ͍ͷͰɺ഑
෍෺ͷzipΞʔΧΠϒͷνΣοΫαϜΛ࢖͏ͱ͍͏ͷ͸ଥ౰
• v0.13ͰϓϩόΠμͷ഑෍΋Registryܦ༝ʹͳ͕ͬͨɺஈ֊తʹҠߦ
͢ΔͨΊɺRegistry͸࣮ࡍʹ͸ͨͩͷindexͰɺ഑෍෺͸Ҿ͖ଓ͖
releases.hashicorp.com ͔Β഑෍͢Δ͜ͱʹ
• ݁Ռͱͯ͠ɺRegistry͸releases.hashicorp.comͷνΣοΫαϜͷ࢓
༷ΛҾ͖ܧ͍ͩ
ݱঢ়Terraform Registry͸zh͔͠ฦͤͳ͍

View Slide

• h1͸౰ॳLocal Filesystem MirrorΛαϙʔτ͢ΔͨΊʹಋೖ͞Εͨ
• Local Filesystem Mirror͸zipܗ͚ࣜͩͰͳ͘ɺzipల։ࡁΈͷσΟϨΫτ
Ϧܗࣜ΋αϙʔτ͓ͯ͠ΓɺσΟϨΫτϦܗࣜͷ৔߹͸zhΛܭࢉͰ͖ͳ
͍ʢѹॖ͢ΔͨͼʹzipϑΝΠϧͷϝλσʔλ͕มΘͬͯ͠·͏ͷͰʣ
• ࣗ࡞ϓϩόΠμͷ৔߹͸ɺRegistry͔Β഑෍͞ΕΔ͜ͱ͸ͳ͘ɺh1͚ͩ
Ͱ໰୊ͳ͔͕ͬͨɺRegistryͰ഑෍͞Ε͍ͯΔ΋ͷΛɺLocal Filesystem
Mirrorܦ༝ͰΠϯετʔϧ͠Α͏ͱ͢ΔͱɺΠϯετʔϧํ๏ʹґଘ͠
ͯϩοΫϑΝΠϧͷத਎͕มΘͬͯ͠·͏
• ͱ͍͏Θ͚Ͱɺ͋Β͔͡ΊϩοΫϑΝΠϧΛੜ੒͢Δterrform
providers lock͕࣮૷͞Εͨ
Local Filesystem Mirror ͸zhΛܭࢉͰ͖ͳ͍

View Slide

• h1͸ܭࢉʹμ΢ϯϩʔυ͕ඞཁͳͷͰɺ௨ৗ͸terraform initͨ͠ϓ
ϥοτϑΥʔϜ෼͔͠ه࿥͞Εͳ͍
• ͨͩzhΛ͋Β͔͡Ί͢΂ͯͷϓϥοτϑΥʔϜ෼ه࿥͓͚ͯ͠͹ɺ
ଞͷϓϥοτϑΥʔϜͰ΋ɺ৴པͰ͖Δط஌ͷzhʹϚον͢Δzipͷ
ίϯςϯπͷh1Λޙ͔Β௥هͯ͠΋҆શɻ
• ඞཁʹͳͬͨλΠϛϯάͰ৽͍͠h1Λ௥ه͢Δͱ͍͏࢓༷͸ɺਓ͕
ϩοΫϑΝΠϧΛݟͯߋ৽Λίϛοτ͢Δͱ͍͏ϫʔΫϑϩʔΛ૝
ఆͯ͠ઃܭ͞Ε͍ͯΔ
• ҰํɺϓϩόΠμͷόʔδϣϯΞοϓΛࣗಈԽ͠ɺϩοΫϑΝΠϧ
Λߋ৽͞ΕΔλΠϛϯάΛݫີʹίϯτϩʔϧ͍ͨ͠৔߹ʹ͸ɺҙ
ਤ͠ͳ͍λΠϛϯάͰߋ৽͞ΕΔͷ͸ࠔͬͯ͠·͏
҆શʹh1Λݕূͯ͠௥Ճ͢Δʹ͸

View Slide

• ݱঢ়ͷRegistryϓϩτίϧ͸ෳ਺ͷϋογϡํ͕ࣜ͋Δ͜ͱ
Λ૝ఆ͍ͯ͠ͳ͍
• Registry ͕ෳ਺ͷϋογϡํࣜΛѻ͑ΔΑ͏ʹ͢΂͖ͩ
͠ɺඞཁੑ͸ೝ͍ࣝͯ͠Δ͕ɺv0.14.0ͷϦϦʔεʹ͸ؒʹ
߹ΘͤΒΕͳ͔ͬͨ
• Registryϓϩτίϧͷมߋʹ͸͠͹Β͕͔͔࣌ؒ͘Γͦ͏
Registry͸h1Λฦͤͳ͍ͷ͔ʁ

View Slide

.terraform.lock.hcl
׬શʹཧղͨ͠

View Slide

͋ͨ͞͠ΓϩοΫϑΝΠϧߋ৽Λ
཈ࢭ͍ͨ͠ͷ͚ͩΕͲ΋
Կ͔Φϓγϣϯੜ΍͢ͷ͋Γʁ
UFSSBGPSNJOJUMPDLpMFSFBEPOMZ
͸͋Γ͡Όͳ͍ʁ

View Slide

https://github.com/hashicorp/terraform/pull/27630
ϨϏϡʔ଴ͪ
terraform init -lockﬁle=readonly ࡞ͬͯΈͨ

View Slide

• Terraform v0.14͔Βಋೖ͞Εͨ.terraform.lock.hclΛɺෳ਺ͷ
σΟϨΫτϦͱϓϥοτϑΥʔϜࠞࡏ؀ڥͰޮ཰Α͘ӡ༻͢Δ
ʹ͸ɺݱঢ়͍Ζ͍Ζͳٕज़తͳ੍໿͕͋Γେมݫ͍͠
• .gitignoreͨ͠Βෛ͚͔ͳͱࢥͬͯΔͷͰӡ༻ํ๏Λ໛ࡧத
• terraform providers mirrorͱterraform providers lockΛ૊Έ߹
ΘͤΕ͹ɺΩϟογϡ͕ͳ͍৔߹Ҏ֎͸͍͚ͦ͏ײ
• terraform init -lockﬁle=readonly͕ύζϧͷ࠷ޙͷϐʔε
• ࠜຊతʹ͸Registry͕h1Λ௚઀ฦͯ͘͠ΕΔ͜ͱΛظ଴
·ͱΊ: .terraform.lock.hcl ׬શʹཧղͨ͠

View Slide

.terraform.lock.hcl 完全に理解した / How to update .terraform.lock.hcl efficiently

.terraform.lock.hcl 完全に理解した / How to update .terraform.lock.hcl efficiently

Masayuki Morita

More Decks by Masayuki Morita

Other Decks in Programming

Featured

Transcript